TLS

September 14, 2020

SECURITY

Network Security Efficacy in the Age of Pervasive TLS Encryption

6 min read

As encryption becomes increasingly pervasive, network security administrators can struggle to maintain an acceptable level of security efficacy.

April 17, 2019

SECURITY

To the Depth of TLS Invisibility and Beyond

3 min read

Encrypted traffic is changing the threat landscape...Encryption technology enables greater privacy and security to communicate and transact business online. Mobile, cloud, and web applications rely on well-implemented encryption mechanisms, using keys and certificates, to ensure confidentiality and trust.

February 1, 2018

SECURITY

TLS 1.3 and Forward Secrecy: Count Us In, and Here’s Why

2 min read

The damage a hacker can do after discovering a server’s private encryption key is about to shrink considerably. That’s thanks to important improvements in the coming Internet Engineering Task Force...

December 27, 2017

SECURITY

The Impact on Network Security Through Encrypted Protocols – QUIC

3 min read

QUIC stands for Quick UDP Internet Connections, an experimental protocol designed and deployed by Google.

February 14, 2017

SECURITY

The impact on network security through encrypted protocols – TLS 1.3

4 min read

This post is the second part of my series around the impact of encrypted protocols on network security. You can find the first article about HTTP/2 here: http://blogs.cisco.com/security/the-impact-on-network-security-through-encrypted-protocols-http2 Now let us focus on the new and upcoming specification of TLS 1.3. It is important to understand what advantages TLS 1.3 brings to us, but also […]

December 30, 2016

SECURITY

The impact on network security through encrypted protocols – HTTP/2

4 min read

This is the start of a planned series of posts around the impact that new protocols are making on the way many of us deal with network security today. The protocols we have been using on the internet, mainly TCP with HTTP 1.1, have shown that they cannot deal with today’s requirements for fast and […]

October 4, 2016

SECURITY

ETSI/IQC’s 4th Workshop on Quantum-Safe Cryptography

2 min read

Quantum computers could break commonly used public key algorithms, which would affect cryptography used today. For that reason, there has been great attention on quantum safe crypto recently. We have blogged about it in numerous occasions [1], [2] , [3]. In that context, last week the 4th ETSI/IQC on Quantum-Safe Cryptography in Toronto, Canada brought […]

January 27, 2016

SECURITY

Where is my (intermediate) TLS certificate?

2 min read

When dealing with TLS connections, it is important to understand how a client (in most cases this is a web browser) will be acting. Let’s quickly check some of the steps that are happening when a TLS connection is made. A web server will send its certificate down to the requesting client during the TLS […]

January 25, 2016

SECURITY

Hiding in Plain Sight: Malware’s Use of TLS and Encryption

4 min read

Introduction TLS (Transport Layer Security) is a cryptographic protocol that provides privacy for applications. TLS is usually implemented on top of common protocols such as HTTP for web browsing or SMTP for email. HTTPS is the usage of TLS over HTTP, which is the most popular way of securing communication between a web server and […]